Tagged Questions

Complexity describes, in simple words, how hard (complex) it is to reach a specific goal, and under which conditions. In cryptography, this mostly means using complexity theory to analyze things. One of the main goals of complexity theory is to prove lower bounds on the resources (e.g. ...

In “Towards quantum-resistant cryptosystems from supersingular elliptic curve isogenies” by DeFeo, Jao and Plut (PDF), there is a reduction from the Decisional Supersingular Product (DSSP) problem to ...

Recently, Bi-clique Cryptanalysis allowed the following results to be obtained on full AES, which claim to have
The first key recovery attack on the full AES-128 with computational complexity $2^{126.1}$
The ...

I'm trying to understand PPT and in particular what the differences are between uniform and non-uniform PPTs. First, this is how I see it:
A Probabilistic Polynomial-Time algorithm A is an algorithm that ...

I know factoring is the chief means of breaking RSA keys. I know an algorithm that runs in polynomial time would be able to break an RSA key pair "quickly". But how quickly is "quickly"? Note, I'm not ...

How much CPU time is required on a typical home computer to generate a prime number of size 100 bit, 200 bit, 512 bit and 1024 bit using given random bits of the respective sizes?
Please note that ...

In a 3-subset meet-in-the-middle attack, how can we calculate the number of surviving keys after the meet-in-the-middle stage? And how can we calculate the complexity of the key testing stage? I have read about ...

How to calculate time and space complexity of ElGamal encryption and decryption, as there are two exponentiation operations during encryption and one during decryption? Here is my code for encryption:
...

I see that Lagrange interpolation is commonly used for secret sharing, but could it be used for encryption?
The goal is to reduce database I/O and compute new values on the fly. Suppose the use case ...

I've been reading this question where a detailed description of mine is given, I've understood that a polynomial-time adversary is an adversary for which the only feasible strategies are those that take ...

I am facing this problem in calculating the order of a process which involves ECC point addition: $P+Q$, scalar multiplication: $aP$, and selecting random points in the group. The group is of prime ...

I've been reading the article "A (second) preimage attack on the GOST hash function" by F. Mendel et al (link) and I'm having some difficulty grasping some of the values of complexities/probabilities ...

It might be common, but if we had to solve an equation like this $m=s^{e}$ mod $n$ where $m,e,n$ are known, how can we find $s$? What optimisations could be applied? And what would the complexity of ...

I have a question regarding the paper "Fully Homomorphic Encryption over the Integers"
(http://eprint.iacr.org/2009/616.pdf): On page 6 after they set their parameters, it says
"This setting results ...

Recently, I found a function that is performed on a sequence to return another sequence. All known algorithms for finding the input, given the output are of exponential complexity. I want to propose ...

A long time ago, I read that the definition of "cryptographic hash function" is "collision-resistant one-way function". (A similar definition shows up in the FIPS standards for SHA-1 etc.)
But this ...

All examples of one-way functions I have seen till now are closely related to the assumption that $NP\neq P$ (or even weaker ones, such as $UP\neq P$), but why not consider the theorem $P\neq EXP$? ...

In regards to meet-in-the-middle type attacks, I have been considering the number of operations needed to successfully find a key given two sets of plaintext/ciphertext pairs. All of the sources I ...

I know it's a highly theoretical topic, but I was wondering if there was any research out there about what cryptography would be like assuming that we had access to nondeterministic Turing machines.
...

I am looking for a proof-of-work scheme which cannot be effectively parallelized.
For example, in hashcash (and by extension bitcoin) you have some collision-resistant hash function $f()$, a target ...

When conducting surveys, an Administrator might send an Enumerator to survey a Respondent. For "sensitive" questions (e.g. about embarrassing behavior), the Respondent may be fine with the truth being ...